package si.yun.web;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import si.yun.dao.SyUserMapper;
import si.yun.utils.JsonData;
import si.yun.utils.Md5Utils;
import si.yun.utils.VerifyUtil;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Collection;
import java.util.Map;

/**
 * @ClassName: spring安全框架的自定义校验
 * @Description: TODO
 * @Author: 李振海
 * @Date 2021/9/30 9:14
 */
@Component
@Controller
public class MyAuthenticationProvider implements AuthenticationProvider {

    @Autowired
    private UserDetailController userDetailServiceImpl;

    @Autowired
    private SyUserMapper syUserMapper;


    /**
     * 自定义验证方式
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {

        Md5Utils Md5=new Md5Utils();
        //主要获取用户的账号以及密码，方便去进行比较
        String username = authentication.getName();
        String password = (String) authentication.getCredentials();

        //通过调用去获取该用户相对应的权限等
        UserDetails userDetails = userDetailServiceImpl.loadUserByUsername(username);

        Collection<? extends GrantedAuthority> authorities89 = userDetails.getAuthorities();


        //通过工具类将前台传入的密码与数据库加密后的密码进行比较，如果正确则返回true
        boolean password1 = Md5.verify(password, userDetails.getPassword());
        //加密过程在这里体现
        if (!password1) {
            throw new DisabledException("Wrong password.");
        }
        Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
        return new UsernamePasswordAuthenticationToken(userDetails, password, authorities);
    }


    @Override
    public boolean supports(Class<?> arg0) {
        return true;
    }

    /*
     * @Description : 获取验证码
     * @Return : void
     * @Date : 2021/11/3 16:04
     */
    @RequestMapping(value = "/getImg", method = {RequestMethod.POST, RequestMethod.GET})
    protected void createImg(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
        //1.生成随机的验证码及图片
        Object[] objs = VerifyUtil.createImage();
        //2.将验证码存入session
        String imgcode = (String) objs[0];
        HttpSession session = req.getSession();
        session.setAttribute("imgcode", imgcode);
        //3.将图片输出给浏览器
        BufferedImage img = (BufferedImage) objs[1];
        res.setContentType("image/png");
        //服务器自动创建输出流，目标指向浏览器
        OutputStream os = res.getOutputStream();
        ImageIO.write(img, "png", os);
        os.close();
    }

    /*
     * @Description : 判断验证码是否正确
     * @Return : si.yun.utils.JsonData
     * @Date : 2021/11/4 14:32
     */
    @RequestMapping("/getCode")
    @ResponseBody
    public JsonData getCode(String str,HttpSession session){
        String  code = (String) session.getAttribute("imgcode");
        boolean flag=false;
        if(code.compareToIgnoreCase(str)==0){
            flag=true;
        }
        return  JsonData.buildSuccess(flag);
    }

    /*
     * @Description : 查看账户状态
     * @Return : si.yun.utils.JsonData
     * @Date : 2021/11/18 14:19
     */
    @RequestMapping("/getEnabled")
    @ResponseBody
    public JsonData getEnabled(String str){
        Map<String, Object> userName = syUserMapper.getUserName(str);
        return  JsonData.buildSuccess(userName);
    }

}